<?php
/**
 * 登录处理
 */
session_start();
if(isset($_POST["hidden"])&&$_POST["hidden"]=="hidden"){
    $user=trim($_POST["username"]);
    $pwd =md5(trim($_POST["userpwd"]));
    $code=trim($_POST["code"]);
    if($user=="" || $pwd=="" || $code==""){
        echo "<script>alert('请确认信息完整');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
    }elseif(strtolower($code)!=strtolower($_SESSION['code'])){
        echo "<script>alert('验证码错误');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
    }else{
            // 判断用户名和密码
            $conn= mysqli_connect("localhost","root","Immo.cn8");
            if(mysqli_errno($conn)){
                echo mysqli_errno($conn);
                exit;
            }
            mysqli_select_db($conn,"userdb");
            mysqli_set_charset($conn,"utf8");
            $sql="select username userpwd from user where username='$user'";
            $res=mysqli_query($conn,$sql);

            $num=mysqli_num_rows($res);
            if($num){
                $resrow=mysqli_fetch_row($sql);
                if($pwd=$resrow[1]){
                    echo "<script>alert('登录成功');window.location.href='index.php';</script>";
                }else{
                    echo "<script>alert('密码错误');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
                }
            }else{
                echo "<script>alert('用户名不存在');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
            }
            mysqli_close($conn);
    }
}else{
    echo "<script>alert('数据未成功提交');location.href='".$_SERVER["HTTP_REFERER"]."';</script>";
    //header("Location: register.php");
}